Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Could be infected, could you check it out?


  • Please log in to reply
17 replies to this topic

#1 coolcat22

coolcat22

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 27 October 2014 - 11:08 AM

A few awhile ago I was downloading custom content for the sims 2 and the site linked to a site called sockshare to host their files. When I had clicked the file I noticed that their was a flashplayer video with a WB logo. I thought this was odd as I wasn't downloading any sort of video file. Accidentally let my finger slip (i was using my touchpad im not used to it since i usually use my wireless mouse) and it ended up loading said video and loading it. It only played it for a few seconds. Anyways I thought maybe it was just the wrong link so I clicked a different mirror for the object I wanted. It did the same thing, same video file I started to think maybe it was one of those annoying ads anyways I clicked download file and it redirected be back to the same page then I noticed the file size changed, thought that was odd, clicked it again, redirected me again. I clicked it maybe 2 more times (stupid me) and it kept redirecting me back.

 

I finally googled sockshare because I had never used it but apparently it may have been hacked but I thought since I didnt download anything that maybe its okay. They said it the same thing was happening to a site called firedrive. I read up on it and they said that may just be a ploy to get money from the ads when I got redirected all those times. It has gotten me quite paranoid that I haven't logged into many personal accounts. I did accidentally click the video file could that have downloaded a virus/some keylogger to my computer or when i kept clicking the download file button? I've read up on it and apparently I'm not the only one who has done this. Some people have lost their paid accounts on that site or did the same thing I did. Could previous entered passwords be found before something got into my computer?

 

I haven't seen any reports on their other accounts being hacked or computer messed up from it but I'm still a bit worried as its very suspicious. One person said that the timing was right that it could be shellshock? I have Windows 7 so I don't think that would mess with my computer. I'm just worried that they used a java or flash exploit or i accidentally downloaded something when the video played. I'm probably overreacting a bit but I'm usually careful what sites i use but I thought since it was just for my sims 2 game it would be okay :/ I have done some AVG and MBAM scans and they come back positive but I'm not sure if those would show everything. Are there other programs I could try to be sure I didn't download something that would affect my entire system at boot up or something?


Edited by coolcat22, 27 October 2014 - 11:35 AM.


BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 27 October 2014 - 11:51 AM

Would be a good idea to scan for adware and possibly malware. These three scans do a good job at finding and removing both.

 

  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).




    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

ESET SCAN

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 28 October 2014 - 11:46 AM

Here are my first two logs. I'm going to do the ESET scan now and will post it after its done.

 

# AdwCleaner v4.002 - Report created 28/10/2014 at 11:14:05
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\AVG SafeGuard toolbar
[x] Not Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[x] Not Deleted : C:\Users\owner\AppData\Local\AVG SafeGuard toolbar
[x] Not Deleted : C:\Users\owner\AppData\LocalLow\AVG SafeGuard toolbar
[x] Not Deleted : C:\ProgramData\AVG Secure Search
[x] Not Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[x] Not Deleted : C:\ProgramData\AVG Security Toolbar
[x] Not Deleted : C:\Program Files (x86)\AVG Security Toolbar
[x] Not Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
[x] Not Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
[x] Not Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_adultcatfinder.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

[x] Not Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[x] Not Deleted : HKLM\SOFTWARE\Classes\S
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[x] Not Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\APN PIP
[x] Not Deleted : HKCU\Software\AVG SafeGuard toolbar
[x] Not Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
[x] Not Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[x] Not Deleted : HKLM\SOFTWARE\PerformerSoft
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
[x] Not Deleted : [x64] HKCU\Software\APN PIP
[x] Not Deleted : [x64] HKCU\Software\AVG SafeGuard toolbar
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [7525 octets] - [28/10/2014 10:52:41]
AdwCleaner[R1].txt - [7610 octets] - [28/10/2014 11:09:19]
AdwCleaner[S0].txt - [8032 octets] - [28/10/2014 11:06:21]
AdwCleaner[S1].txt - [7919 octets] - [28/10/2014 11:14:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7979 octets] ##########
# AdwCleaner v4.002 - Report created 28/10/2014 at 11:14:05
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\AVG SafeGuard toolbar
[x] Not Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[x] Not Deleted : C:\Users\owner\AppData\Local\AVG SafeGuard toolbar
[x] Not Deleted : C:\Users\owner\AppData\LocalLow\AVG SafeGuard toolbar
[x] Not Deleted : C:\ProgramData\AVG Secure Search
[x] Not Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[x] Not Deleted : C:\ProgramData\AVG Security Toolbar
[x] Not Deleted : C:\Program Files (x86)\AVG Security Toolbar
[x] Not Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
[x] Not Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
[x] Not Deleted : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_adultcatfinder.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

[x] Not Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[x] Not Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[x] Not Deleted : HKLM\SOFTWARE\Classes\S
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[x] Not Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\APN PIP
[x] Not Deleted : HKCU\Software\AVG SafeGuard toolbar
[x] Not Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
[x] Not Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[x] Not Deleted : HKLM\SOFTWARE\PerformerSoft
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
[x] Not Deleted : [x64] HKCU\Software\APN PIP
[x] Not Deleted : [x64] HKCU\Software\AVG SafeGuard toolbar
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [7525 octets] - [28/10/2014 10:52:41]
AdwCleaner[R1].txt - [7610 octets] - [28/10/2014 11:09:19]
AdwCleaner[S0].txt - [8032 octets] - [28/10/2014 11:06:21]
AdwCleaner[S1].txt - [7919 octets] - [28/10/2014 11:14:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7979 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Home Premium x64
Ran by owner on Tue 10/28/2014 at 11:30:19.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] "C:\Users\owner\appdata\local\google\chrome\user data\default\local storage\http_adultcatfinder.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{05097465-FCC3-41C0-A7F2-08488FDE7B97}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0673A794-1090-4B7C-8670-4F9DF45EA558}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0F53F585-0033-4ADB-AF40-F6F1561B291C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5E41E683-6E49-40ED-B771-D84F74B6556D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7DE184E6-0727-4BEA-89D1-17571E79CF54}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{927EB484-1F70-46B2-A0C3-906C8427488E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ADADEA3E-594E-4D3B-BD39-4E169395A54B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B2F3A532-AF4C-447F-8C73-BA2F3A46C536}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BA6607B7-806B-450B-9E05-64594D5B951C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C5BA716F-4E13-4115-84BC-57C53F13EEA0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C81D7435-1983-4FD4-A9F2-D7347CA99A70}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DD71AF6D-D295-4221-A9C2-15C32A41929D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EA55CDE6-9DBA-43A8-B6AC-B385D195163E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ED0D3E2E-8209-45C2-906D-92AF01283C09}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EE7C74DC-8591-4286-8CEC-9F27DDE7B634}



~~~ FireFox

Successfully deleted the following from C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\dnyehbs6.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={D4BB8F01-03A2-4135-9E68-7877D48E5A92}&mid=ca21d58c66c647d1820b9557e73232ef-9d20d63c963902d99a931519949f8182
user_pref("extensions.xkit7.extension_glowing_follow", "{\"script\":\"//* TITLE Glowing Follow **//\\r\\n//* VERSION 1.0 REV A **//\\r\\n//* DESCRIPTION Glowing plusses on blo
user_pref("extensions.xkit7.extension_go_to_dash", "{\"script\":\"//* TITLE Go-To-Dash **//\\r\\n//* VERSION 1.0 REV E **//\\r\\n//* DESCRIPTION View a post on a blog on your
user_pref("extensions.xkit7.extension_mute", "{\"script\":\"//* TITLE Mute! **//\\r\\n//* VERSION 2.1 REV A **//\\r\\n//* DESCRIPTION Better than 'shut up!' **//\\r\\n//* DETA
user_pref("extensions.xkit7.extension_one_click_postage", "{\"script\":\"//* TITLE One-Click Postage **//\\r\\n//* VERSION 2.7 REV G **//\\r\\n//* DESCRIPTION Lets you easily
user_pref("extensions.xkit7.extension_tweaks", "{\"script\":\"//* TITLE Tweaks **//\\r\\n//* VERSION 2.3 REV F **//\\r\\n//* DESCRIPTION Various little tweaks for your dashboa
user_pref("extensions.xkit7.extension_xkit_preferences", "{\"script\":\"//* TITLE XKit Preferences **//\\r\\n//* VERSION 2.5 REV B **//\\r\\n//* DESCRIPTION Lets you customize
user_pref("xkit.x1cpostage", "//* VERSION 5.8 REV E **//\r\n//* TITLE One-Click Postage **//\r\n//* DEVELOPER STUDIOXENIX **//\r\n//* PREFMENU One-Click Postage Settings **//\
user_pref("xkit.x1cpostage_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG
user_pref("xkit.xcleanfeed", "//* VERSION 1.1 REV A **//\r\n//* TITLE CleanFeed **//\r\n//* NEW true **//\r\n//* DESCRIPTION Safely browse your dashboard in public. **//\r\n//
user_pref("xkit.xcleanfeed_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG
user_pref("xkit.xfollowers", "//* VERSION 4.1 REV C **//\r\n//* INTERVAL 0 **//\r\n//* TITLE Delta Checker **//\r\n//* DEVELOPER STUDIOXENIX **//\r\n//* DESCRIPTION Check who
user_pref("xkit.xfollowers_followers_bee-ran", ",fandoms-inc,emixlee,radben,thekenziscale,incompletemasterpiece,cheese-your-life,all-this-commotion,fivecentsplease,valerius75,
user_pref("xkit.xgotodash", "//* VERSION 1.2 REV B **//\r\n//* TITLE Go-To-Dash **//\r\n//* DESCRIPTION Adds a button on peoples blogs that allows you to go back to that post
user_pref("xkit.xgotodash_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9
user_pref("xkit.xkit_installer", "//* VERSION 6.1 REV A **//\r\n// XKit Installer\r\n// Installs XKit. Loaded by bootstrapper.\r\n// © 2011 STUDIOXENIX.com\r\n\r\nvar instal
user_pref("xkit.xkit_preferences", "//* VERSION 6.9 REV E **//\r\n//* TITLE XKit Control Panel **//\r\n//* INTERVAL 0 **//\r\n// XKit Preferences\r\n// Injects the preference
user_pref("xkit.xkit_required", "//* VERSION 6.0 REV C **//\r\n// XKit Required\r\n// Required images and text.\r\n// © 2011 - 2012 STUDIOXENIX.com\r\n\r\n\r\n/*!\r\n * jQue
user_pref("xkit.xmutualfollowers", "//* VERSION 1.0 REV C **//\r\n//* INTERVAL 0 **//\r\n//* TITLE Mutual Checker **//\r\n//* DEVELOPER STUDIOXENIX **//\r\n//* DESCRIPTION Che
user_pref("xkit.xnews_9IsPoweYV9_message", "Thanks for trying XKit 6 Preview Release.<br/>\r\nIf you have any suggestions or problems, please feel free to send me <a href=\"ht
user_pref("xkit.xnews_9IsPoweYV9_read", "true");
user_pref("xkit.xnews_9IsPoweYV9_time", "30335134452");
user_pref("xkit.xnews_9IsPoweYV9_title", "Have suggestions?");
user_pref("xkit.xnews_items", ",0,9IsPoweYV9,ZVCmRe6Jng,xmGHgPPM7G,wgrsr0a595,FX0QoUGX8j,YtZeJK6m9U,gXmS9aTqB3,yNstP43nzc,3L1Pt4aLOV,4jqswSDCrV,RgXcjevV6e,7uq3JbIbgg,jZXyuPDBt
user_pref("xkit.xoldeheader_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZ
user_pref("xkit.xoldesidebar_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5h
user_pref("xkit.xpeh_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54
user_pref("xkit.xpreview_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9i
user_pref("xkit.xquickasks_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG
user_pref("xkit.xreblogurself_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5
user_pref("xkit.xreblogyourself_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvb
user_pref("xkit.xwraptags_icon", "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9
Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\dnyehbs6.default\minidumps [2103 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\owner\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 10/28/2014 at 11:39:57.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

I noticed a file called "HKCU\Software\APN PIP" didn't know what what it was but didn't think it was anything to worry about but then JRT deleted it. Did I overlook anything else?



#4 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 28 October 2014 - 02:19 PM

You need to CLEAN what AdwCleaner found.....mostly AVG adware and one 'dating service' that JRT removed some of.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 28 October 2014 - 04:40 PM

Ah okay, I thought maybe I should keep the AVG things since it came with the program and wasn't what I was looking for. I'll get to that.

 

Here are the results from ESET. I wasn't sure which log they meant. So I'm posting both.

 

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3892d6ce3023ba42bc636ff34e5e5b92
# engine=20819
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-28 09:28:59
# local_time=2014-10-28 04:28:59 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 40049996 166075189 0 0
# scanned=291118
# found=5
# cleaned=5
# scan_time=14019
sh=7F660A0039795369F2B241FF4177DBFF07BF0D00 ft=1 fh=9787637614bed319 vn="a variant of Win32/HackTool.Patcher.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\VSO\ConvertX\patch.exe.BAK"
sh=B307340E25D07B8A7D9E1E3F3467E6310352F0EC ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\owner\AppData\Local\Downloaded Installations\{BF3589D3-BF62-48FE-9405-C2FB81574783}\The Weather Channel App.msi"
sh=184048230E258706E470F1D2BC550169C3CD4A9B ft=1 fh=69a4d1bb541b347c vn="a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\owner\AppData\Local\Viber\Helper.dll"
sh=12BAEC5B7B48E9752724C6246320D585B86A7BB6 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\owner\Desktop\SopCast.zip"
sh=B307340E25D07B8A7D9E1E3F3467E6310352F0EC ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\53ea8.msi"
 

 

Second one -

C:\Program Files (x86)\VSO\ConvertX\patch.exe.BAK    a variant of Win32/HackTool.Patcher.A potentially unsafe application    deleted - quarantined
C:\Users\owner\AppData\Local\Downloaded Installations\{BF3589D3-BF62-48FE-9405-C2FB81574783}\The Weather Channel App.msi    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Users\owner\AppData\Local\Viber\Helper.dll    a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application    deleted - quarantined
C:\Users\owner\Desktop\SopCast.zip    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Windows\Installer\53ea8.msi    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
 



#6 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 28 October 2014 - 05:02 PM

Were you aware that this was on your computer: HackTool:Win32/Patch.A is a generic detection for a series of hacking tools intended to "patch" programs that may be evaluation copies, or unregistered versions with limited features.  Eset removed it.

Per Microsoft: It is recommended that you do not run applications detected as HackTool:Win32/Patch.A, as they may be associated with other malicious, or unwanted applications.

HackTool:Win32/Patch.A is a user interactive program that does not automatically run at Windows start, or run as a hidden process.

 

Check in your Add/ Remove for Ask.....that is often what AVG uses, too. AVG's main reason for those add-ons AdwCleaner detected is to redirect searches

and ad placements....adware.

 

Use CCleaner to cleanup temporary files, program caches, ad/ tracking cookies, etc. Use the default settings. No need to use the Registry Cleaner....risky.

Be sure to pay attention during install and UNcheck any offers of toolbars...especially Yahoo.

CCleaner - PC Optimization and Cleaning - Free Download

 

After installing and cleaning using CCleaner, open CCleaner and click on Tools. Click on Uninstall. At the bottom right of that page

you will see a button when clicked will allow you to copy and paste the list of programs installed on your computer. Please post that list

back here.


Edited by buddy215, 28 October 2014 - 05:07 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 28 October 2014 - 05:52 PM

I looked at the file path and thats in a folder for a program I don't really use. Someone had installed it when they needed to do a project to make a dvd or something. I don't really know anything about it.

 

Before you had posted your reply I had gone AdwCleaner again to remove the things you mentioned earlier. I removed them but during the cleaning process while it was "cleaning browsers" it froze up on me and didn't respond. It wouldn't let me do much with my computer after 10 minutes of waiting. I couldn't properly restart my computer or force shut down the program so I had to press the power button my laptop. Is this okay? Did that mess up the process/mess up any files? A log still showed up in the AdwCleaner folder.

 

# AdwCleaner v4.002 - Report created 28/10/2014 at 16:46:09
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\owner\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\owner\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

[x] Not Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[x] Not Deleted : HKLM\SOFTWARE\Classes\S
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM64\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM64\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM64\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM64\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU64\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[x] Not Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v
 

 

Here's the program list

 

Adobe Flash Player 11 Plugin    Adobe Systems Incorporated    6/15/2013    6.00 MB    11.7.700.224
Adobe Reader XI (11.0.03)    Adobe Systems Incorporated    6/15/2013    126.5 MB    11.0.03
Adobe Shockwave Player 11.5    Adobe Systems, Inc.    3/23/2012        11.5.9.620
Apple Application Support    Apple Inc.    8/26/2014    93.4 MB    3.0.6
Apple Mobile Device Support    Apple Inc.    7/28/2014    21.3 MB    7.1.2.6
Apple Software Update    Apple Inc.    3/16/2012    2.38 MB    2.1.3.127
Atheros Driver Installation Program    Atheros    9/23/2011        9.2
Audacity 2.0.5    Audacity Team    1/26/2014    45.5 MB    2.0.5
AVG 2015    AVG Technologies    10/27/2014        2015.0.5315
AVIGenerator 1.8.0.0        4/16/2013        1.8.0.0
Bonjour    Apple Inc.    3/16/2012    2.00 MB    3.0.0.10
CamStudio        6/8/2012        
CCleaner    Piriform    3/22/2012        3.16
CEP (Color Enable Package) v.9.2 (beta)    Numenor, for ModTheSims2    8/30/2014        9.2 (beta)
Cisco EAP-FAST Module    Cisco Systems, Inc.    9/23/2011    1.55 MB    2.2.14
Cisco LEAP Module    Cisco Systems, Inc.    9/23/2011    0.63 MB    1.0.19
Cisco PEAP Module    Cisco Systems, Inc.    9/23/2011    1.24 MB    1.1.6
ConvertHelper 2.2    DownloadHelper    6/12/2012        
ConvertXtoDVD 3.0.0.1        4/2/2013        3.0.0.1
CyberLink YouCam    CyberLink Corp.    9/23/2011    124.3 MB    3.5.1.4119
DAEMON Tools Lite    DT Soft Ltd    3/7/2013        4.46.1.0328
Disney Toontown Online    Walt Disney Internet Group    4/9/2012        
Doom 3    Activision    9/7/2012    1,489 MB    1.00.0000
ESET Online Scanner v3        10/28/2014        
F.lux        7/24/2012        
Fable - The Lost Chapters    Microsoft Game Studios    3/7/2013    2,745 MB    1.00.0000
Facebook Video Calling 3.1.0.521    Skype Limited    8/22/2014    12.5 MB    3.1.521
FileHippo.com Update Checker        12/9/2012        
Google Chrome    Google Inc.    7/7/2012        38.0.2125.104
Google Talk Plugin    Google    6/8/2014    13.2 MB    5.4.2.18903
Grand Theft Auto Vice City        11/17/2012        1.00.000
HandBrake 0.9.9.1        4/4/2014        0.9.9.1
HiJackThis    Trend Micro    3/23/2012    0.36 MB    1.0.0
Hitman 2: Silent Assassin        4/3/2014        
HP Documentation    Hewlett-Packard    7/15/2011    293 MB    1.1.0.0
HP Games    WildTangent    3/23/2012        1.0.2.5
HP On Screen Display    Hewlett-Packard Company    7/15/2011    1.43 MB    1.1.2
HP Power Manager    Hewlett-Packard Company    9/23/2011    3.61 MB    1.2.3
HP Quick Launch    Hewlett-Packard Company    7/15/2011    7.14 MB    2.4.3
HP QuickWeb    Hewlett-Packard Company    9/23/2011    4.49 MB    3.1.0.9742
HP Setup    Hewlett-Packard Company    7/15/2011    119.0 MB    8.7.4751.3798
HP Setup Manager    Hewlett-Packard Company    9/23/2011    8.31 MB    1.1.13476.3753
HP SimplePass PE 2011    Hewlett-Packard    12/23/2011    77.0 MB    5.3.0.273
HP Software Framework    Hewlett-Packard Company    7/15/2011    2.80 MB    4.1.6.1
HP Support Assistant    Hewlett-Packard Company    7/15/2011    75.0 MB    6.0.5.4
iCloud    Apple Inc.    7/28/2014    156.9 MB    3.1.0.40
IDT Audio    IDT    9/23/2011        1.0.6341.0
iExplorer 2.2.1.3    Macroplant, LLC    5/13/2013    4.11 MB    
ImgBurn    LIGHTNING UK!    6/23/2012        2.5.7.0
Intel® Control Center    Intel Corporation            1.2.1.1007
Intel® Identity Protection Technology 1.1.2.0    Intel Corporation    9/23/2011    1.13 MB    1.1.2.0
Intel® Management Engine Components    Intel Corporation            7.0.0.1144
Intel® Processor Graphics    Intel Corporation            8.15.10.2372
Intel® Rapid Storage Technology    Intel Corporation            10.5.0.1026
iTunes    Apple Inc.    8/26/2014    221 MB    11.3.1.2
IZArc 4.1.6    Ivan Zahariev    7/2/2012    13.4 MB    4.1.6
Janetter 4.2.2.0    Jane, Inc.    6/21/2013        
Java 7 Update 25    Oracle    7/4/2013    129.3 MB    7.0.250
Java 7 Update 9 (64-bit)    Oracle    12/9/2012    127.4 MB    7.0.90
Last.fm Scrobbler 2.1.30    Last.fm    1/21/2013    61.7 MB    
Learning Lodge™    VTech    11/26/2013        
LockHunter 2.0 beta 2, 64 bit    Crystal Rich, Ltd    12/25/2012    4.60 MB    
Logitech Touch Mouse Server 1.0    Logitech Inc.    7/16/2012        1.0
Malwarebytes Anti-Malware version 1.61.0.1400    Malwarebytes Corporation    4/17/2012    18.0 MB    1.61.0.1400
ManyCam 4.0.44    Visicom Media Inc.    1/12/2014        4.0.44
Microsoft .NET Framework 1.1    Microsoft    6/22/2012    34.8 MB    1.1.4322
Microsoft .NET Framework 4.5.1    Microsoft Corporation    12/12/2013    38.8 MB    4.5.50938
Microsoft LifeCam    Microsoft Corporation    12/24/2011    60.1 MB    3.22.270.0
Microsoft Office 2010    Microsoft Corporation    9/12/2013    8.38 MB    14.0.4763.1000
Microsoft Silverlight    Microsoft Corporation    7/24/2014    249 MB    5.1.30514.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    7/15/2011    1.70 MB    3.1.0000
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    12/12/2011    0.29 MB    8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    9/23/2011    0.61 MB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    7/15/2011    0.77 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148    Microsoft Corporation    9/23/2011    0.77 MB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    12/12/2011    0.77 MB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    4/16/2013    1.42 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    9/23/2011    0.58 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    9/23/2011    0.58 MB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    12/12/2011    0.59 MB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    11/8/2012    5.85 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    12/12/2011    11.9 MB    10.0.40219
Mozilla Firefox 32.0.3 (x86 en-US)    Mozilla    10/2/2014    84.7 MB    32.0.3
Mozilla Maintenance Service    Mozilla    7/26/2014    0.33 MB    30.0
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    11/23/2011    1.28 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    11/23/2011    1.33 MB    4.20.9876.0
MySims™    Electronic Arts    1/6/2014        1.00.0000
NetViewer 2.1.366.0        4/16/2013        2.1.366.0
Night Owl Watermark Player 1.0.1.23        4/16/2013        1.0.1.23
NirSoft ShellExView        6/29/2012        
Origin    Electronic Arts, Inc.    7/26/2014        9.4.11.2806
Paint.NET v3.5.10    dotPDN LLC    7/16/2012    10.7 MB    3.60.0
Photo! Editor 1.1        7/14/2012        
Pinnacle Studio 12    Pinnacle Systems    7/2/2012    1,549 MB    12.1.3.6605
Pinnacle Video Driver    Pinnacle Systems    7/2/2012    2.74 MB    12.1.0.029
Pirate101    KingsIsle Entertainment, Inc.    11/16/2013        1.0.0
PlayBack 1.0.1.15        4/16/2013        1.0.1.15
PlayReady PC Runtime x86    Microsoft Corporation    7/15/2011    1.65 MB    1.3.0
Poladroid    Poladroid.net    12/12/2012    16.6 MB    0.9.6.0
QuickTime 7    Apple Inc.    7/28/2014    70.3 MB    7.75.80.95
Rainlendar2 (remove only)        7/8/2012        
Realtek Ethernet Controller Driver    Realtek    9/23/2011        7.40.126.2011
Realtek PCIE Card Reader    Realtek Semiconductor Corp.    9/23/2011        6.1.7600.77
Revo Uninstaller 1.94    VS Revo Group    7/2/2012        1.94
Roxio Drag-to-Disc    Roxio    6/22/2012    9.07 MB    9.05
Roxio Easy CD and DVD Burning    Roxio    6/22/2012    458 MB    9.0.554
RoxioNow Player    RoxioNow    7/15/2011    11.0 MB    1.9.5.103
Safari    Apple Inc.    4/16/2013    104.3 MB    5.34.57.2
Screencast-O-Matic    Screencast-O-Matic    8/14/2012        
Sims2Pack Clean Installer        8/26/2014        
Skype™ 6.20    Skype Technologies S.A.    9/17/2014    26.6 MB    6.20.104
SoftPerfect Bandwidth Manager 3.0.7    SoftPerfect Research    7/26/2014    17.1 MB    
SopCast 3.8.3    www.sopcast.com    11/6/2013        3.8.3
Spotify    Spotify AB    10/4/2014        0.9.14.13.gba5645ad
SpywareBlaster 4.6    Javacool Software LLC    3/23/2012    6.53 MB    4.6.0
Synaptics TouchPad Driver    Synaptics Incorporated    3/23/2012    46.4 MB    15.3.29.0
System Requirements Lab Detection    Husdawg, LLC    8/31/2014    0.65 MB    2.0.0.0
The Sims 2: Ultimate Collection    Electronic Arts    8/23/2014    12,873 MB    1.0.0.0
The Sims™ 3    Electronic Arts    11/19/2013        1.63.5
The Weather Channel App    The Weather Channel    6/28/2013        1.00.0000
The Weather Channel App                
Toontown Rewritten    The TTR Team    9/19/2014        00.00.00.00
Trillian    Cerulean Studios, LLC    3/23/2012        
TunnelBear 1.0.28    TunnelBear    3/23/2012        1.0.28
VDownloader 3.9.1195    Vitzo Limited    6/12/2012    43.6 MB    
Viber    Viber Media Inc    11/15/2013        3.0.0.133634
VIP Access SDK (1.0.1.2)    Symantec Inc.            1.0.1.2
Visual Studio 2008 x64 Redistributables    AVG Technologies    3/21/2012    8.15 MB    10.0.0.2
Visual Studio 2010 x64 Redistributables    AVG Technologies    9/27/2012    12.4 MB    13.0.0.1
Visual Studio 2012 x64 Redistributables    AVG Technologies    11/14/2013    13.0 MB    14.0.0.1
Visual Studio 2012 x86 Redistributables    AVG Technologies CZ, s.r.o.    11/14/2013    10.5 MB    14.0.0.1
VLC media player 2.0.1    VideoLAN    4/17/2012        2.0.1
WildTangent Games    WildTangent    1/2/2014        1.0.4.0
Windows Live Essentials    Microsoft Corporation    7/15/2011        15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections    Microsoft Corporation    7/15/2011    5.57 MB    15.4.5722.2
Windows Movie Maker 2.6    Microsoft Corporation    5/23/2013    8.82 MB    2.6.4037.0
WinPatrol    BillP Studios    3/23/2012    1.61 MB    24.3.2012
WinPcap 4.1.1    CACE Technologies    6/12/2012        4.1.0.1753
WinRAR 4.11 (64-bit)    win.rar GmbH    3/23/2012        4.11.0
Wizard101    KingsIsle Entertainment, Inc.    10/25/2013        1.0.0
Xvid Video Codec    Xvid Team    6/8/2012        1.3.2
ZViewer version 1.0.1.29    ZMODO Technology Corporation    3/2/2014    32.1 MB    1.0.1.29
 


Edited by coolcat22, 28 October 2014 - 05:53 PM.


#8 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 28 October 2014 - 06:32 PM

I don't know why AdwCleaner behaved that way. Were any browsers or programs opened when that happened? I suggest Uninstalling 

it and reinstalling. Open it and choose Uninstall then download again. Rerun and choose clean as there are many things that were listed but

not uninstalled.

EDIT: Shut down AVG before running AdwCleaner after reinstall. I do recall another instance where AVG interfered.

 

Uninstall these:Java 7 Update 25    Oracle    7/4/2013    129.3 MB    7.0.250
Java 7 Update 9 (64-bit)    Oracle    12/9/2012    127.4 MB    7.0.90  These are malware magnets. I suggest not installing Java unless you are

sure you need it. Most don't. (not java script....Java from Oracle)

 

Uninstall LockHunter 2.0 beta 2, 64 bit    Crystal Rich, Ltd    12/25/2012    4.60 MB.....outdated beta

Update Mozilla Firefox 32.0.3 (x86 en-US)    Mozilla    10/2/2014    84.7 MB    32.0.3 (Click on Help, click on About Firefox, click on update)

Uninstall WinPcap 4.1.1    CACE Technologies    6/12/2012        4.1.0.1753 

Uninstall Xvid Video Codec    Xvid Team    6/8/2012        1.3.2 (hey, you have VLC and Xvid is unneeded)


Edited by buddy215, 28 October 2014 - 06:34 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 29 October 2014 - 09:51 AM

Here's my new AdwCleaner log. I'm going to work on uninstalling things now. Anything else I need to do, further scans? I'm guessing if I had any sort of keylogger or virus of some sort from sockshare it would have showed up by now?

 

# AdwCleaner v4.002 - Report created 29/10/2014 at 09:43:36
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[x] Not Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\owner\AppData\Local\AVG SafeGuard toolbar

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

[x] Not Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[x] Not Deleted : HKLM\SOFTWARE\Classes\S
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
[x] Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\PerformerSoft

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5454 octets] - [29/10/2014 09:39:30]
AdwCleaner[S0].txt - [5648 octets] - [29/10/2014 09:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5708 octets] ##########
 



#10 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 29 October 2014 - 10:23 AM

AdwCleaner is still showing many items not deleted. Did you shut down AVG before using AdwCleaner? Be sure to

shut it down from running at startup as well as running while scanning.

 

Open Firefox and click on Tools > click on add-ons > click on extensions and disable or uninstall if offered any items mentioning

AVG, Ask or any toolbar or search protector. Firefox uses Google's list of bad sites....no need for any other. In the small search engine address bar

click on the arrow head and remove all search engine listings except the one you use....most likely Google.

 

If you can get AdwCleaner to complete the uninstall of all items then I would say you are good to go.


Edited by buddy215, 29 October 2014 - 10:24 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 29 October 2014 - 12:34 PM

Which items in AdwCleaner am I meant to delete? All the registry items? I wasn't sure if i should touch that or not



#12 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 29 October 2014 - 12:35 PM

Yes....delete all that it found!


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#13 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 30 October 2014 - 08:20 AM

When I did the AdwCleaner, it froze up again like before. I think it still deleted things even though I had to force shut down my computer. Here's the log.

 

# AdwCleaner v4.002 - Report created 29/10/2014 at 14:44:28
# DB v2014-10-26.6
# Updated 27/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-HP
# Running from : C:\Users\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.1.9

***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM64\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\PerformerSoft

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 en-US)


-\\ Google Chrome v
 

What exactly is the # symbol for by toolbar updater? I did another scan to be sure if anything was still there after I had to force shut down and nothing was found. Anything else I should do or am I good?

 

I'm still unsure of that website though, could it possibly have been just something to get money when I clicked those buttons?



#14 buddy215

buddy215

  • BC Advisor
  • 12,617 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:26 PM

Posted 30 October 2014 - 10:04 AM

I don't know what that denotes..#

 

If you are not experiencing any problem and computer is acting normal...then I think you are good to go.

 

There is no way for me to know what those sites were attempting.

 

I would suggest that you install a Script Blocker in Chrome since you are using it a lot. Firefox has an excellent Script blocker....NoScript

available as an add-on. I don't use Chrome so will not recommend a script blocker for it. I know there at least 2 .

Script blockers prevent dangerous scripting such as the driveby installs of malware from running. NoScript does much more.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#15 coolcat22

coolcat22
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:02:26 PM

Posted 02 November 2014 - 10:07 AM

Yes, computer is running normally but that site acting up and getting hacked got me paranoid. Hoping nothing is secretly watching/running on my computer. Ii know I clicked the download button but it just redirected me but I didn't download or install anything from that site intentionally as in I didn't click a download and click save as or install prompt (because it just redirected me) so maybe I'm okay.
 
I don't really use Chrome a lot though. I do use Firefox though and use adblock but maybe thats different from NoScript?

Edited by coolcat22, 02 November 2014 - 10:23 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users